← Back to context

Comment by retired

12 hours ago

Marking a website as "unsafe" in Chrome is equal to standing in front of the door of a small restaurant and blocking 71% of people going inside. Everyone first has to agree that they will enter the restaurant at their own risk.

That is more than an opinion. Chrome has a monopoly and should act accordingly. Blocking entry to a website should be a last resort, not just because someone didn't add their website to the whitelist.

5 comments

retired

Reply
donmcronald  9 hours ago

Yeah. Everyone uses their list and being blocked by all web browsers is like having someone cover the doorway with a massive DANGER sign. It's insane that people are roaming around here arguing that it's ok because the damage caused is a necessity for "internet scale".

  • otterley  8 hours ago

    Right now, any damages are completely speculative at this point. I would suspect in this case, the damages are minimal, and taken in the broader context, the good outweighs the harm. Do you have evidence to the contrary?

    • donmcronald  6 hours ago

      The good outweighs the harm until it happens to you. The problem is that even if the failure rate is low, the failure can be catastrophic for the people suffering from it.

      I use Ubiquiti as an example for an update they pushed to their UniFi systems a long time ago (5+ years). Some people were configuring their devices to use an https URL to connect to a management console when it was supposed to be http. Before the update, the console accepted http on the https port. After it didn't. That caused devices to disconnect from the management portal and remain offline.

      When people complained, Ubiquiti said they realized it would happen, but it "would only affect a tiny percentage of customers." However, most customers that were affected had a 100% rate of failure. One person had something like 600-700 devices that got disconnected and required manual reconfiguration.

      A 1% failure rate might be ok for the company, but it shouldn't be if the 1% of people affected suffer 100% failure. The distribution of the failures needs to be considered.

      I had my primary domain that my entire family has used for 25 years put on that blacklist. If I hadn't been able to get it removed it would have had a massive negative impact on my life. Had it been suspended by the registry the way the OP of this article describes, I'm not sure how it would have worked out.

      So it may be a false positive of .0000000001%, but would have ruined my life. I have 900 entries in my password manager and probably half of them are tied to that domain. Is my entire digital life acceptable collateral damage? Is yours?

  • retired  8 hours ago

    Indeed. It is almost like how the Mafia operates. This person didn't submit his website to Google and now Google blocks visitors.